Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:36 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Wed Jan 18, 2017 5:58 pm 
Offline

Joined: Wed Jan 18, 2017 4:56 pm
Posts: 2
Newbie to Yubikey development here. I have been given a task that doesn't seem to fit with the way other people are using the YubiKey, and therefore with questions already asked on the net. Looking for some initial information to get started with the project.

My company has invested in two sets of YubiKeys for simple kiosk security. We have both YubiKey Standard (with the dot), and YubiKey 4 (with the Y). Not sure why the decision was made to buy both instead of sticking with one, but I am tasked with implementing dongle security for a kiosk system. I have been reading up on Yubico.com, and have seen were challenge/response can be made against the key. I have downloaded the Yubikey Client API, looked inside of Samples\MFC\x86, and run the MFCTest.exe (reports v1.0 in the About dialog) which, with asynchronous notifications turned on, easily detects the insertion/removal of the YubiKey Standard, but doesn't recognize the YubiKey 4.

Reading further I have found that there seems to be a new way to handle keys by using a connection to a cloud server. This would not work for our project, since the kiosk system may or may not be connected to the internet, at the discretion of the client. So we need a solution which would allow us to quickly noticed the insertion/removal of the dongle, and to make simple challenge requests of it, receiving back its key, and therefore making decisions on whether the dongle is authorized for entry in to secure functionality on the kiosk. We will not be taking a password, at least up front, but would like to configure a group of dongles for one level of security, and another group for a second level. Eventually there may be a third/fourth level implemented, and eventually we may want one or two of these groupings to also be required, per the key received from the dongle, to give a password.

I guess there are a couple initial things I need clarification on here:
1) How do I do simple insertion notification for these keys. I have not been able to find access to a DLL that would give me this functionality.
2) Is there a DLL that would be able to communicate with the YubiKey 4, while also being backward compatible for communicating with the YubiKey Standard?

We are writing for Windows 7 (possibly moving to Windows 8 soon, and the thought has been thrown around that we could eventually find a final home on Centos Linux), and have a mixture of unmanaged C++ and managed C# using VS2010.

Thanks for any help...


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Jan 18, 2017 6:19 pm 
Offline
Yubico Team
Yubico Team

Joined: Thu Oct 16, 2014 3:44 pm
Posts: 349
I can at least answer #2 for you.

You need version 4.1.0 of the Client API to recognize the YubiKey 4, which you can find here - https://developers.yubico.com/windows-apis/Releases/

The YubiKey 4 was released in November 2015, so the previous versions of the Client API (built before this) will not recognize the YubiKey 4.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group